<?php
//Verificaci'on de que el archivo sea de una extensi'on v'alida.
// begin Dave B's Q&D file upload security code
  $allowedExtensions = array("jpg","jpeg","gif","png");
  foreach ($_FILES as $file) {
    if ($file['tmp_name'] > '') {
      if (!in_array(end(explode(".",
            strtolower($file['name']))),
            $allowedExtensions)) {
       die($file['name'].' is an invalid file type!<br/>'.
        '<a href="javascript:history.go(-1);">'.
        '&lt;&lt Go Back</a>');
      }
    }
  }
  // end Dave B's Q&D file upload security code 
  require $_SERVER["DOCUMENT_ROOT"] . "/aonce_connect.php";

$target_path = $_SERVER["DOCUMENT_ROOT"] . $parent_dir. "/uploads/";
$target_path = $target_path . $_POST["nombre"] . "_" . basename( $_FILES['uploadedfile']['name']); 

if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
    echo "The file ".  basename( $_FILES['uploadedfile']['name']). 
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!<br />\n";
}

/*
 * Mapeo de variables para inserci'on en base de datos.
 */
$nombre = htmlentities($_POST["nombre"]);
$bio = htmlentities($_POST["bio"]);
$cv = htmlentities($_POST["cv"]);

/*
 * Queries de obtenci'on de informaci'on de artista 
 */
$artista_fields = "nombreartista, bioartista, cvartista, fotoartista";
$artista_query = "INSERT INTO artista ($artista_fields) VALUES (\"$nombre\", \"$bio\", \"$cv\", \"${nombre}_".$_FILES['uploadedfile']['name']."\") ;";
//echo $artista_query;
  
/*
 * Conexion a DB y ejecuci'on de queries
 */
$link = conecta();
$artista_result = $link->query($artista_query);
$link->close();

printf("<script language=\"javascript\">\ndocument.location=\"error.php?msg=%s&title=%s\";\n</script>", urlencode("Artista Guarado Exitosamente"), urlencode("Exito!"));

?>
